Friday, September 30, 2011

Hacking People - Round 2

I just got off a half-hour-ish long phone call with a ^Representative of Microsoft^ who was kindly ringing me about a problem that my computer had reported to them.

    It's nice to be ready. 
 Referring to Hacking People

So this time I decided to click an imaginary Start Button.

The phone call was pretty much identical to the one mentioned in the previous post.

The charade continues...

"Ok, I clicked Start."

"What do you see?"

Damn, I was afraid of this.  I'm sitting in front of a Mac.  Time to draw on those decades of Windows experience from the time 'of PC'.  "Um, lets see, there's All Programs...and..."

"Okay, click on All Programs."


"Yep, okay, I clicked on All Programs."

"Okay, what do you see."

"Um, there's Accessories.. and some of my programs are there..."  It's been a while...

"Okay, now your next menu to click on is ..." I couldn't understand what she was saying so I asked her to repeat herself... twice.  Turns out it was Accessories.  I'm struggling with her accent as much as she's struggling with English - particularly when it comes to S's.  We continued this painful guidance through the Windows Start menu until we opened (on my imaginary Windows PC) the command prompt.

She spelt out what she wanted me to type.  "M is for monkey. S is for Sally. C is for Charlie. O is for Orange. N is for Nelly. F is for fox. I is for indigo. G is for gun.  Did you get that?"

I did.  I had it at MSC, but I got her to repeat it "...just in case I got any letters wrong."

The System Configuration Utility sprang up on the screen my imaginary Windows PC.  I may not have used a Windows machine for a few years, but I know quite well what MSConfig is.

She continued to guide me though to the "Services" tab for another round of lingual issues, and then she asks me to look at the list on that tab.  "What do you see there?"

"Oh, there's a heap of writing there..."

"Do you see some of them are running and some are stopped?"

I squinted at my imaginary Windows PC "Ummm...  hey, yeah.  There's some running and some are stopped!  You're right!" I guessed.

"Yes.  That's the viruses.  They've stopped those programs from running because they've corrupted the files."

"Really?  All those programs are supposed to be running?"

"Yes!  They're what makes your computer work."

"Wow.  And the viruses have broken them huh?"

"Yes, the viruses stop all those programs from running."

Windows has plenty of services and programs that people never run.  They don't run by default and are of no interest to anyone except perhaps the occasional Network Administrator or Power User.  There're all installed, just not turned on.

"How do I fix that?"

"That is what I'm here for.  To help you fix your computer.  I show you where the files are..."

More lingual difficulty followed as she got me to close MSConfig, press and hold the Windows key and press R (I got her to repeat R three times) to open the Run dialoge, type cmd and click OK.  Much better than finding the Command Prompt through the All Programs menu.  ImaginaryPC (iPC?) popped a command prompt up on it's imaginary monitor.

"I have a black window up with a white thing blinking."

"A black window.  Okay, I'll show you where the security code is.  Type in..." and she proceeded to sound out each letter I needed to type in... three times.  I still didn't get it.  It didn't matter.  iPC got it.  I told her I got it and pressed the imaginary Enter key.  "ooohhh...." I said.

"You see all the writing?" she asks.


"See the code at the bottom.  I will just confirm that this code is yours."  She began reading out a code and it was a long one.  It was more than her English skills could handle.  

Mid sentence, she was replaced. The voice spoke better English and had a mountain of confidence.  No-one said anything about putting me through to someone else, or I'll just put you onto my supervisor or anything, just suddenly it was a new voice.  Similar though - as if she'd took a pill that gave her another 5 years experience in doing what she's doing now.  I didn't mention it.  It wasn't important.  

She explained that the command I typed in will show a "'Security code' called a CLSID" She read the code off.

"888DCA60-FC0A-11CF-8F0F-00C04FD7D062"  Making sure she gave a word for each letter to be sure there are no mistakes.  I didn't actually get the entire code.  Language problems again.  She asked me if that was the same code that I had on my screen.

"I think there was one letter wrong.  I think.  I'm not sure.  Can you read it again?"

She did.

The command she asked me to type in was ASSOC which is a windows command to display a list of Windows file associations.  File associations are how your computer can tell which program to open a particular file with, so that Word files open with Word for instance.  Windows computers by default recognise a file extension called ZFSendToTarget and being that it starts with Z it will be on the bottom of the list every time - on every Windows computer.  This file association has what is called a CLSID - that long number, which is also the same on every computer.  She is simply reading me a number that is guaranteed to be there and guaranteed to be the same.
"Yes, it IS the same."

She got me to close the command prompt and now we were getting to the crux of the scam.

"Press Windows and R."  The imaginary 'Run' dialogue opened again and she spelled out the following command.


I opened Chrome on my Mac and visited the site.

AMMYY - Free Remote Control Software 
For Remote Desktop Sharing.

Yep, that's all they need really.  There's nothing more I need to know.  Now to keep them on the line for as long as possible... someone there must be paying international rates...  besides, my imaginary PC isn't even connected to the Internet yet... and the only option I have to get it online is imaginary dial-up!

"It's opened Internet Explorer.  It wants me to connect to the Internet.  Hang on... it takes a little while... I'm on dial-up."

"That's okay.  Take your time."  For a scammer, she was very nice.

I did take my time.  I remember dial-up.

"Okay, it's online now.  A website came up.  A green one."

"Yes, a green website. That's it!" She was pretty happy about getting me this far. "Do you see the green button?"

"Yes, I see a green button..."

"Okay, click the green button, and when the button comes up, click Run."

I clicked the link.  Chrome for Mac downloaded a Windows exe file a little over a meg in a blink.  The file name: AMMYY_Admin.exe

"Okay.  It's downloading" I said, sticking to my dial-up story.  After a minute I said "It's finished downloading, do I click Run now?"

"Yes, click Run." she replied.

"The screen is all blue with white writing on it."

"The screen is all blue?  White whiting?"

"Oh, my computer just rebooted.  Is it supposed to do that?"  Turns out even imaginary Windows PC's will crash at the worst possible time.

She didn't understand most of what I said, I guess it was a long way off script.  I spoke slowly and explained that my PC (omitting that it was imaginary) had crashed.  "There was a blue screen.  The computer turned off by itself.  It's starting up again now."

"Oh, your computer turned off by itself.  Oh, that is very bad.  Viruses can be very bad.  You must have a lot of viruses on your PC."

"I'm just glad you're able to help me get rid of them.  Thank you for being so patient with me.  These computers can be so confusing sometimes."

"Yes, that is why I call you.  I can help you fix your computer."

"Thanks, you're really helpful.  Okay, the computer is all started again.  I'll just connect to the Internet again.  Hang on."

"Yes, okay, connect to the Internet."

iPC sat there obediently connecting to it's dial-up Internet.

"Okay, it's connected." I told her. "Do you want me to do that Command R thing again?"


Oh damn!  The jig is up!  Being a Mac user has blown my cover!

"Oh, um, that Windows Key and the R key thing we did.  Do you want me to do that again?"

"Windows R, yes, umm... yes," she found her place on the flowchart. "Yes, press Windows and R keys."


"Okay.  It's still got 'iexplore' in it."

"Yes, good.  Click OK"



"Okay, Internet Explorer is opened and there's that green website again."

"Good.  Now click the green button."

"It's downloading."  I waited a while "It's finished, do I click Run?"

"Yes. Click Run."

"Okay." *Click* "I have a blue screen.  It has white writing on it.  My computer is rebooting."

"Ohh, you have very bad problem.  You need to take your computer to a computer doctor.  You have got a very bad virus."

"A computer doctor?  So you can't help me?"

"Yes! Yes, I can help you.  This is why I am here."

"Oh.  Good."  I was enjoying this far too much.  iPC rebooted and the dial-up was reconnected.  For a third time we used the Run dialogue to open Internet Explorer and go directly to the green website.  We continued following her flowchart and clicked the green button, downloaded the exe and arrived at the Run dialogue.

"I have the Run dialogue again."

She's still following the flowchart.  "Yes. Click Run."

"Well, I've done that twice before.  When I click that Run button, my screen goes blue and then my computer turns off all by itself.  Are you sure you want me to click the Run button?"

There was a pause.  It was brief, but there was definitely a pause.

"There is one thing you can do."


"You can go to hell.  You hear me?  You can GO TO HELL!!!"

I couldn't reply.  I was laughing too hard.  She hung up.  What a dear.  I hope she considers a career change.

No comments: